It’s understandable that many consumers were shocked and outraged to learn that the credit card info of tens of millions of Target customers was compromised in a data breach during the holiday shopping period. But that outrage hasn’t translated into much action.

Consumers say they are worried about being the victims of identity theft and credit card fraud, and with good reason. In the aftermath of high-profile security breaches affecting customers at Target and Neiman Marcus, among other retailers, nearly half of American adults said they are “extremely concerned” about their personal data when paying for goods at stores with plastic, according to a recent Associated Press-GfK poll.

The Wall Street Journal reported that financial institutions have spent big bucks—more than $200 million alone in the case of the Target episode—to ease our concerns. The vast majority of that total ($172 million) covers the costs of replacing cards that have been compromised. “Credit unions have replaced or will replace 85% of their cards affected by the Target breach at no cost to their members,” Credit Union National Association Chief Executive Bill Cheney said in a statement, per the WSJ. “The combined $200 million cost borne entirely by banks and credit unions shows the extent to which financial institutions will go to protect their customers and members.”

At the same time that consumer sentiment, retailers, and financial institutions all appear to be on the same page that such data breaches are a huge problem, only a small portion of consumers have changed their spending habits to safeguard themselves. In the AP poll, 37% of consumers have paid for goods with cash rather than credit or debit to avoid data theft, and a smaller percentage has taken proactive steps such as changing their retailer website account password or requesting a new credit or debit card.

More importantly, the Target episode doesn’t seem to have scared many consumers away from shopping at its stores. In a new survey conducted in Minnesota—corporate headquarters of Target—only 5% of consumers said they would stop shopping at Target since the hacker attack, according to the Minneapolis Star Tribune. Meanwhile, 82% said they would continue shopping at Target just as much as they had in the past, while 11% indicated they’d shop a little less at Target now.